ABOUT THE PROGRAM
The course covers the following topics:
DON'T TOUCH THIS TAB
It’s important to improve the accordion’s behaviour
Firewall Concepts
- Firewalls and Their Evolution
- Access Control Lists or Stateless Inspection Firewalls
- Stateful Inspection firewalls
- The Stateful Inspection Advantage –Passive FTP Example
- Unified Threat Management
- Next-generation firewalls
- Zone based vs. Interface Based Firewalls
- Introduction to the Check Point Technology
- Components of the Check Point Solution
- SmartConsole
- Supported Authentication Schemes
- Check Point Password Authentication
- OS Password Authentication
- RADIUS Server
- SecurID Server
- TACACS Server
- Check Point Deployment Options – The Architecture
- Securing the Communication channel – Check Point SIC (Secure Internal Communication)
Working with the Security Policy, Best Practice, Logs & Troubleshooting
- The Security Policy
- Creating and Managing Objects
- Creating a Strong Firewall Security Policy – Rule Base Fundamentals
- Creating a Secure Firewall Security Policy – Rule Base Best Practices
- Working with Logs & Monitoring Traffic in a Check Point based environment
- Tracking Options: Alert, Log, None
- Catalog of Views and Reports
- Reports
- Filters
- Log Analysis
- Using the Log View
- Searching the Logs
- Creating Custom Queries
- Selecting Query Fields
- Query Language Overview
- Event Details
Introduction to the Command Line Interface CLI & NAT
- Command Line Interface
- Commands and Features
- Clish , expert modes
- Useful Commands
- Basic Concepts in Network Address Translation
- NAT Types
- Private Networks address spaces
- Static NAT
- CONFIGURING Static NAT
- Hide NAT
- Choosing the Hide Address in Hide NAT
- Hide NAT Using Another Interface IP Address
- CONFIGURING HIDE NAT
- Manual NAT
Identity Awareness & VPN
- Identity Sources
- How AD Query Works
- Browser-Based Authentication
- How Captive Portal Works – Firewall Rule
- How Transparent Kerberos Authentication Works
- Site to Site VPN
- Sample VPN Access Control Rules
- VPN workflow
- VPN Communities
- Topologies
- Sample Star Deployment
- Sample VPN Access Control Rules
- IPsec & IKE
- IKE Phase I
- IKE Phase II
- Diffie Hellman Groups
- Remote Access VPN
- VPN Connectivity Modes
- Office Mode / Visitor Mode
- Remote Access VPN Workflow
- Configuring the Security Gateway for a Remote Access Community
- Mobile Access to the Network
- Client-Based vs. Clientless
- Sample Mobile Access Deployment
- Using the Mobile Access Configuration Wizard
- Allowing Mobile Connections
Threat Prevention
- Threat Prevention Components
- IPS
- Anti-Bot
- Anti-Virus
- Threat Emulation
- Threat Extraction
- Threat Prevention Policy
- Workflow for Creating a Threat Prevention Policy
- Threat Prevention Policy Layers
- Action Enforcement in Multiple-Layered Security Policies
- Examples
- Threat Prevention Rule Base
- Parts of the Rules
- IPS Configuration
- Anti-Bot Configuration
- Anti-Virus Configuration
HTTPS Inspection and URL filtering
- HTTPS Inspection
- Outbound Connections
- Inbound Connections
- Configuring Gateways to inspect HTTPS
- HTTPS Inspection Policy
- Sample HTTPS Inspection Rule
- Monitoring Applications
- Blocking URL Categories
Don't touch this tab
ABOUT CYBERPRO
About CYBERPRO was founded in cooperation with international information security and instruction authorities who bring to Israel world-leading cyber training technologies and a learning experience of the highest standard available today.
The partners include the IITC group which has been training graduates for the high tech industry for over 20 years, and was selected as the training center for the Cisco Company in Israel.
CYBERPRO’s advanced, sought-after training courses in the areas of infrastructures, information security and cyber are world famous. These training courses were developed by some of the best cyber experts in the world, for international security organizations that emphasize the high training capabilities, the professional learning methods and the unique training and practice technologies. Our connection with international groups allows our students to be exposed to unique employment opportunities in Israel and abroad.
The training and learning tracks are all based much hands-on practice and preparation for the industry and profession requirements, so they include technological labs and practice sessions using one of the most advanced simulators in the world.
COURSE INFO
Target audience
- System administrators
- People with good networking knowledge
Prerequisites
- Basic understanding of networking is an advantage
Skills Gained
- Understanding the firewalls concept
- Creating rule-based policies for the organization
- Understanding NAT
- Configuring site to site VPN
- Using the firewall for threat prevention
- Identity awareness in firewalls
- Other firewall UTM features (URL filtering, web filtering)